package com.readingtree.library.security;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandlerImpl;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * Created by Administrator on 2017/4/11.
 */
@Component
public class MyAccessDenial extends AccessDeniedHandlerImpl{

    protected static final Log logger = LogFactory.getLog(MyAccessDenial.class);

    public MyAccessDenial() {
    }

    /**
     * when the user didn't has enough authority
     * @param request
     * @param response
     * @param accessDeniedException
     * @throws IOException
     * @throws ServletException
     */
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
        logger.error("access denied for request url " + request.getRequestURI());
        response.getWriter().print("403 has been return");
    }

}
